def identify(self, environ): #get the cookie from the environment if it exsits cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) #check if it is not null if cookie is None or not cookie.value: return None try: #Use the cookie to get the users id from memcache user = self.mc.get(cookie.value) except Exception as e: logger.error('Exception getting user from memcache: {0}'.format(e)) return None #check if user exists if not user: return None #logger.debug('Got User Object: {0}'.format(user)) #check if user has timed out credentials if self.timeout and ( (user.get('timestamp', 0) + self.timeout) < time.time() ): return None #if user is valid and their creds haven't timed out then set environ and return the user data environ['REMOTE_USER_DATA'] = user environ['AUTH_TYPE'] = 'memcached' return user
def identify(self, environ): #get the cookie from the environment if it exsits cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) #check if it is not null if cookie is None or not cookie.value: return None try: #Use the cookie to get the users id from memcache user = self.mc.get(cookie.value) except Exception as e: logger.error('Exception getting user from memcache: {0}'.format(e)) return None #check if user exists if not user: return None #logger.debug('Got User Object: {0}'.format(user)) #check if user has timed out credentials if self.timeout and ( (user.get('timestamp', 0) + self.timeout) < time.time()): return None #if user is valid and their creds haven't timed out then set environ and return the user data environ['REMOTE_USER_DATA'] = user environ['AUTH_TYPE'] = 'memcached' return user
def remember(self, environ, identity): cookies = get_cookies(environ) if identity is not None and not self.cookie_name in cookies: aes = environ['aes_cipher'] val = base64.b64encode(bauth(aes, '%s:%s' % ( identity['login'], identity['password']))) identity['tokens'] = environ['remote.domains'] identity['repoze.who.userid'] = val return Basetkt.remember(self, environ, identity)
def _remember(self, environ, identity): log.debug('remembering') if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' cookies = get_cookies(environ) old_cookie = cookies.get(self.cookie_name) existing = cookies.get(self.cookie_name) old_cookie_value = getattr(existing, 'value', None) max_age = identity.get('max_age', None) timestamp, userid, tokens, userdata = None, '', (), '' if old_cookie_value: try: timestamp, userid, tokens, userdata = auth_tkt.parse_ticket( self.secret, old_cookie_value, remote_addr, digest_algo=self.digest_algo) except auth_tkt.BadTicket: pass tokens = tuple(tokens) who_userid = identity['repoze.who.plugins.visitor_tracker.userid'] log.debug('remembering: user_id=%r', who_userid) who_tokens = tuple(identity.get('tokens', ())) who_userdata = identity.get('userdata', '') encoding_data = self.userid_type_encoders.get(type(who_userid)) if encoding_data: encoding, encoder = encoding_data who_userid = encoder(who_userid) # XXX we are discarding the userdata passed in the identity? who_userdata = 'userid_type:%s' % encoding old_data = (userid, tokens, userdata) new_data = (who_userid, who_tokens, who_userdata) if old_data != new_data or (self.reissue_time and ( (timestamp + self.reissue_time) < time.time())): ticket = auth_tkt.AuthTicket(self.secret, who_userid, remote_addr, tokens=who_tokens, user_data=who_userdata, cookie_name=self.cookie_name, secure=self.secure, digest_algo=self.digest_algo) new_cookie_value = ticket.cookie_value() if old_cookie_value != new_cookie_value: # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)
def remember(self, environ, identity): if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' cookies = get_cookies(environ) old_cookie = cookies.get(self.cookie_name) existing = cookies.get(self.cookie_name) old_cookie_value = getattr(existing, 'value', None) max_age = identity.get('max_age', None) timestamp, userid, tokens, userdata = None, '', (), '' if old_cookie_value: try: timestamp,userid,tokens,userdata = auth_tkt.parse_ticket( self.secret, old_cookie_value, remote_addr, self.digest_algo) except auth_tkt.BadTicket: pass tokens = tuple(tokens) who_userid = identity['repoze.who.userid'] who_tokens = tuple(identity.get('tokens', ())) who_userdata_dict = identity.get('userdata', {}) encoding_data = self.userid_type_encoders.get(type(who_userid)) if encoding_data: encoding, encoder = encoding_data who_userid = encoder(who_userid) who_userdata_dict[self.userid_typename] = encoding who_userdata = urlencode(who_userdata_dict) old_data = (userid, tokens, userdata) new_data = (who_userid, who_tokens, who_userdata) if old_data != new_data or (self.reissue_time and ( (timestamp + self.reissue_time) < time.time() )): ticket = auth_tkt.AuthTicket( self.secret, who_userid, remote_addr, tokens=who_tokens, user_data=who_userdata, cookie_name=self.cookie_name, secure=self.secure, digest_algo=self.digest_algo) new_cookie_value = ticket.cookie_value() if old_cookie_value != new_cookie_value: # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)
def remember(self, environ, identity): if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' cookies = get_cookies(environ) old_cookie = cookies.get(self.cookie_name) existing = cookies.get(self.cookie_name) old_cookie_value = getattr(existing, 'value', None) max_age = identity.get('max_age', None) timestamp, userid, tokens, userdata = None, '', (), '' if old_cookie_value: try: timestamp, userid, tokens, userdata = auth_tkt.parse_ticket( self.secret, old_cookie_value, remote_addr, self.digest_algo) except auth_tkt.BadTicket: pass tokens = tuple(tokens) who_userid = identity['repoze.who.userid'] who_tokens = tuple(identity.get('tokens', ())) who_userdata_dict = identity.get('userdata', {}) encoding_data = self.userid_type_encoders.get(type(who_userid)) if encoding_data: encoding, encoder = encoding_data who_userid = encoder(who_userid) who_userdata_dict[self.userid_typename] = encoding who_userdata = urlencode(who_userdata_dict) old_data = (userid, tokens, userdata) new_data = (who_userid, who_tokens, who_userdata) if old_data != new_data or (self.reissue_time and ( (timestamp + self.reissue_time) < time.time())): ticket = auth_tkt.AuthTicket(self.secret, who_userid, remote_addr, tokens=who_tokens, user_data=who_userdata, cookie_name=self.cookie_name, secure=self.secure, digest_algo=self.digest_algo) new_cookie_value = ticket.cookie_value() if old_cookie_value != new_cookie_value: # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)
def forget(self, environ, identity): logger.debug('Forget - repoze.who') #get the cookie and delete it's key & data from memcache cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) if cookie and cookie.value: self.mc.delete(cookie.value) logger.debug('Forgetting cookie: {0}'.format(cookie.value)) # return a set of expires Set-Cookie headers return self._get_cookies(environ, 'INVALID', 0)
def identify(self, environ): logger.debug('identify: START') logger.debug('identify -- Environ: {0}'.format(environ)) cookies = get_cookies(environ) logger.debug('identify -- Cookies: {0} '.format(cookies)) logger.debug('identify -- Cookie Name: {0} '.format(self.cookie_name)) cookie = cookies.get(self.cookie_name) logger.debug('identify -- Cookie: {0} '.format(cookie)) if cookie is None or not cookie.value: return None if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' try: timestamp, userid, tokens, user_data = auth_tkt.parse_ticket( self.secret, cookie.value, remote_addr) except auth_tkt.BadTicket: return None if self.timeout and ( (timestamp + self.timeout) < time.time() ): return None user_data_dict = dict(parse_qsl(user_data)) userid_type = user_data_dict.get(self.userid_typename) if userid_type: decoder = self.userid_type_decoders.get(userid_type) if decoder: userid = decoder(userid) environ['REMOTE_USER_TOKENS'] = tokens environ['REMOTE_USER_DATA'] = user_data environ['AUTH_TYPE'] = 'cookie' identity = {} identity['timestamp'] = timestamp identity['repoze.who.plugins.auth_tkt.userid'] = userid identity['tokens'] = tokens identity['userdata'] = user_data_dict return identity
def identify(self, environ): cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) if cookie is None or not cookie.value: return None if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' try: timestamp, userid, tokens, user_data = auth_tkt.parse_ticket( self.secret, cookie.value, remote_addr) except auth_tkt.BadTicket: return None if self.timeout and ( (timestamp + self.timeout) < time.time() ): return None userid_typename = 'userid_type:' user_data_info = user_data.split('|') for datum in filter(None, user_data_info): if datum.startswith(userid_typename): userid_type = datum[len(userid_typename):] decoder = self.userid_type_decoders.get(userid_type) if decoder: userid = decoder(userid) environ['REMOTE_USER_TOKENS'] = tokens environ['REMOTE_USER_DATA'] = user_data environ['AUTH_TYPE'] = 'cookie' identity = {} identity['timestamp'] = timestamp identity['repoze.who.plugins.auth_tkt.userid'] = userid identity['tokens'] = tokens identity['userdata'] = user_data return identity
def identify(self, environ): cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) if cookie is None or not cookie.value: return None if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' try: timestamp, userid, tokens, user_data = auth_tkt.parse_ticket( self.secret, cookie.value, remote_addr) except auth_tkt.BadTicket: return None if self.timeout and ((timestamp + self.timeout) < time.time()): return None userid_typename = 'userid_type:' user_data_info = user_data.split('|') for datum in filter(None, user_data_info): if datum.startswith(userid_typename): userid_type = datum[len(userid_typename):] decoder = self.userid_type_decoders.get(userid_type) if decoder: userid = decoder(userid) environ['REMOTE_USER_TOKENS'] = tokens environ['REMOTE_USER_DATA'] = user_data environ['AUTH_TYPE'] = 'cookie' identity = {} identity['timestamp'] = timestamp identity['repoze.who.plugins.auth_tkt.userid'] = userid identity['tokens'] = tokens identity['userdata'] = user_data return identity
def identify(self, environ): cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) if cookie is None or not cookie.value: return None if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' try: timestamp, userid, tokens, user_data = auth_tkt.parse_ticket( self.secret, cookie.value, remote_addr, self.digest_algo) except auth_tkt.BadTicket: return None if self.timeout and ( (timestamp + self.timeout) < time.time() ): return None user_data_dict = dict(parse_qsl(user_data)) userid_type = user_data_dict.get(self.userid_typename) if userid_type: decoder = self.userid_type_decoders.get(userid_type) if decoder: userid = decoder(userid) environ['REMOTE_USER_TOKENS'] = tokens environ['REMOTE_USER_DATA'] = user_data environ['AUTH_TYPE'] = 'cookie' identity = {} identity['timestamp'] = timestamp identity['repoze.who.plugins.auth_tkt.userid'] = userid identity['tokens'] = tokens identity['userdata'] = user_data_dict return identity
def remember(self, environ, identity): logger.debug('remember: START') if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' cookies = get_cookies(environ) logger.debug('remember -- cookies: %s' % (cookies)) old_cookie = cookies.get(self.cookie_name) logger.debug('remember -- old_cookie: %s' % (old_cookie)) existing = cookies.get(self.cookie_name) logger.debug('remember -- existing cookies: %s' % (existing)) old_cookie_value = getattr(existing, 'value', None) logger.debug('remember -- old_cookie_value: %s' % (old_cookie_value)) max_age = identity.get('max_age', None) logger.debug('remember -- max_age: %s' % (max_age)) timestamp, userid, tokens, userdata = None, '', (), '' if old_cookie_value: try: timestamp,userid,tokens,userdata = auth_tkt.parse_ticket( self.secret, old_cookie_value, remote_addr) except auth_tkt.BadTicket: pass tokens = tuple(tokens) who_userid = identity['repoze.who.userid'] logger.debug('remember -- who_userid: {0}'.format(who_userid)) who_tokens = tuple(identity.get('tokens', ())) logger.debug('remember -- who_token: {0}'.format(who_tokens)) who_userdata_dict = identity.get('userdata', {}) logger.debug('remember -- who_userdata_dict: {0}'.format(who_userdata_dict)) encoding_data = self.userid_type_encoders.get(type(who_userid)) if encoding_data: logger.debug('remember -- Encoding Data') encoding, encoder = encoding_data who_userid = encoder(who_userid) who_userdata_dict[self.userid_typename] = encoding who_userdata = urlencode(who_userdata_dict) old_data = (userid, tokens, userdata) new_data = (who_userid, who_tokens, who_userdata) logger.debug('remember -- old_data: {0}'.format(old_data)) logger.debug('remember -- new_data : {0}'.format(new_data )) if old_data != new_data or (self.reissue_time and ( (timestamp + self.reissue_time) < time.time() )): ticket = auth_tkt.AuthTicket( self.secret, who_userid, remote_addr, tokens=who_tokens, user_data=who_userdata, cookie_name=self.cookie_name, secure=self.secure) new_cookie_value = ticket.cookie_value() logger.debug('remember -- old_cookie_value : {0}'.format(old_cookie_value )) logger.debug('remember -- new_cookie_value : {0}'.format(new_cookie_value )) if old_cookie_value != new_cookie_value: # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)
def identify(self, environ): log.debug('identify') cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) got_new_user = False if self.is_authenticated_checker \ and self.is_authenticated_checker(environ): log.debug('User is authenticated') return None if cookie is None or not cookie.value: log.debug('No visitor cookie') if not self.visitor_id_creator: return None timestamp, user_id, tokens, user_data = self.visitor_id_creator( environ) got_new_user = True if not got_new_user: if self.include_ip: remote_addr = environ['REMOTE_ADDR'] else: remote_addr = '0.0.0.0' try: timestamp, user_id, tokens, user_data = auth_tkt.parse_ticket( self.secret, cookie.value, remote_addr, digest_algo=self.digest_algo) except auth_tkt.BadTicket: log.debug('Bad ticket') return None if self.user_id_checker and not self.user_id_checker(user_id): log.debug('invalid user_id') return None if self.timeout and ((timestamp + self.timeout) < time.time()): log.debug('Timed out') return None userid_typename = 'userid_type:' user_data_info = user_data.split('|') for datum in filter(None, user_data_info): if datum.startswith(userid_typename): userid_type = datum[len(userid_typename):] decoder = self.userid_type_decoders.get(userid_type) if decoder: user_id = decoder(user_id) environ['VISITOR_ID'] = user_id environ['VISITOR_TOKENS'] = tokens environ['VISITOR_DATA'] = user_data identity = { 'timestamp': timestamp, 'repoze.who.plugins.visitor_tracker.userid': user_id, 'tokens': tokens, 'userdata': user_data, 'is_new_visitor': got_new_user, 'max_age': self.timeout, } environ['visitor_identity'] = identity return None
def remember(self, environ, identity): cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) max_age = identity.get('max_age', None) #if no timestamp then set to 0 as earliest to can be reissued timestamp = 0 old_user = {} #get users data from memcache and compare it to new data received if cookie and cookie.value: old_user = self.mc.get(cookie.value) logger.debug('Cookie val: {0}'.format(cookie.value)) else: logger.debug('No Old Cookie') logger.debug('Got Old User: {0}'.format(old_user)) if not old_user: old_user = {} timestamp = old_user.get('timestamp', 0) #get the users IP address to be stored users_ip = environ['REMOTE_ADDR'] or old_user.get('ip') #get the new users data, or if blank, use the new users new_user_data = identity.get('userdata', {}) logger.debug('Remembering userdata: {0}'.format(new_user_data)) new_user_altid = identity.get('repoze.who.userid') new_user_given = new_user_data.get('givenName', old_user.get('given')) new_user_sn = new_user_data.get('sn', old_user.get('sn')) new_user_uid = new_user_data.get('uid', old_user.get('uid')) new_user_ip = users_ip old_user_altid = old_user.get('altid') old_user_given = old_user.get('given') old_user_sn = old_user.get('sn') old_user_uid = old_user.get('uid') old_user_ip = old_user.get('ip') #build objects to compare old_data = (old_user_altid, old_user_given, old_user_sn, old_user_uid) new_data = (new_user_altid, new_user_given, new_user_sn, new_user_uid) data_diff = old_data != new_data reissue = self.reissue_time and ((timestamp + self.reissue_time) < time.time()) #TODO: Is it better to change userdata if it changes but keep key until timeout, then only #TODO-cont: reissue once timeout is reached? #if new data or reissue time is reached, then create new timestamp and store data if data_diff or reissue: logger.debug('Data Diff: {0} ::: Reissue: {1}'.format(data_diff, reissue)) #get a new hash for the new cookie new_cookie_value = self._get_hash() #delete the old cookie's data from memcache if cookie and cookie.value: self.mc.delete(cookie.value) logger.debug('Old Userdata: {0}'.format(old_data)) logger.debug('New Userdata: {0}'.format(new_data)) #add the new data for the new cookie new_user = {} new_user['timestamp'] = time.time() new_user['altid'] = new_user_altid new_user['uid'] = new_user_uid new_user['given'] = new_user_given new_user['sn'] = new_user_sn new_user['ip'] = new_user_ip logger.debug('Saving new user {0} ::: {1}'.format(new_cookie_value, new_user)) self.mc.set(new_cookie_value, new_user) # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)
def remember(self, environ, identity): cookies = get_cookies(environ) cookie = cookies.get(self.cookie_name) max_age = identity.get('max_age', None) #if no timestamp then set to 0 as earliest to can be reissued timestamp = 0 old_user = {} #get users data from memcache and compare it to new data received if cookie and cookie.value: old_user = self.mc.get(cookie.value) logger.debug('Cookie val: {0}'.format(cookie.value)) else: logger.debug('No Old Cookie') logger.debug('Got Old User: {0}'.format(old_user)) if not old_user: old_user = {} timestamp = old_user.get('timestamp', 0) #get the users IP address to be stored users_ip = environ['REMOTE_ADDR'] or old_user.get('ip') #get the new users data, or if blank, use the new users new_user_data = identity.get('userdata', {}) logger.debug('Remembering userdata: {0}'.format(new_user_data)) new_user_altid = identity.get('repoze.who.userid') new_user_given = new_user_data.get('givenName', old_user.get('given')) new_user_sn = new_user_data.get('sn', old_user.get('sn')) new_user_uid = new_user_data.get('uid', old_user.get('uid')) new_user_ip = users_ip old_user_altid = old_user.get('altid') old_user_given = old_user.get('given') old_user_sn = old_user.get('sn') old_user_uid = old_user.get('uid') old_user_ip = old_user.get('ip') #build objects to compare old_data = (old_user_altid, old_user_given, old_user_sn, old_user_uid) new_data = (new_user_altid, new_user_given, new_user_sn, new_user_uid) data_diff = old_data != new_data reissue = self.reissue_time and ( (timestamp + self.reissue_time) < time.time()) #TODO: Is it better to change userdata if it changes but keep key until timeout, then only #TODO-cont: reissue once timeout is reached? #if new data or reissue time is reached, then create new timestamp and store data if data_diff or reissue: logger.debug('Data Diff: {0} ::: Reissue: {1}'.format( data_diff, reissue)) #get a new hash for the new cookie new_cookie_value = self._get_hash() #delete the old cookie's data from memcache if cookie and cookie.value: self.mc.delete(cookie.value) logger.debug('Old Userdata: {0}'.format(old_data)) logger.debug('New Userdata: {0}'.format(new_data)) #add the new data for the new cookie new_user = {} new_user['timestamp'] = time.time() new_user['altid'] = new_user_altid new_user['uid'] = new_user_uid new_user['given'] = new_user_given new_user['sn'] = new_user_sn new_user['ip'] = new_user_ip logger.debug('Saving new user {0} ::: {1}'.format( new_cookie_value, new_user)) self.mc.set(new_cookie_value, new_user) # return a set of Set-Cookie headers return self._get_cookies(environ, new_cookie_value, max_age)